/**  
 * 文 件 名: RightInterceptor.java  
 * 描    述：   
 * 版    权：Copyright (c)20012-2012 tongzhou All Rights Reserved.
 * 公    司: 同舟 
 * 作    者：彭定雄                     
 * 版    本: 1.0  
 * 创建时间: 2012-10-27
 *  
 * 修改历史：  
 * 时间                             作者                       版本                        描述  
 * ------------------------------------------------------------------  
 * 2012-10-27        彭定雄                1.0          1.0 Version  
 */       

/**
 * 
 */
package com.tongzhou.system.rightsMgmt.Interceptor;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.tongzhou.system.userMgr.dao.IUserMgrDAO;
import com.tongzhou.util.Util;

public class RightInterceptor extends AbstractInterceptor{

	/**
	 * session权限控制
	 */
	
	private IUserMgrDAO dao;
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		HttpServletRequest request = ServletActionContext.getRequest();
//        HttpServletResponse response = ServletActionContext.getResponse();
		Map session=invocation.getInvocationContext().getSession();
		
        // 获取地址
//        String path = request.getContextPath();

//        String basePath = request.getScheme() + "://" + request.getServerName()
//                        + ":" + request.getServerPort() + path;
        String nowURl = request.getServletPath();
//        String temp_path = nowURl.substring(nowURl.lastIndexOf("/") + 1, nowURl.length());
		
        
        String id=(String)session.get("id");
		if(!Util.checkObjIsNull(id)){
//			User user=new User();
//			user.setId(id);
//			user.setRightUrl(nowURl);
//			dao=new UserMgrDAO();
//			List<Right> rightList=dao.getUserUrl(user);
//			Role role=dao.getRoleByUserID(user);
			List<String> rights=Util.getAdminUserRights();
			List<String> roles=Util.getAdminUserRoles();
			
			Boolean temp1=roles.contains("1");
			Boolean temp2=rights.contains(nowURl);
			
			if(temp1||temp2){
				return invocation.invoke();
			}else{
				return "noRight";
			}
		}else{
			return Action.LOGIN;
		}
	}
	public IUserMgrDAO getDao() {
		return dao;
	}
	public void setDao(IUserMgrDAO dao) {
		this.dao = dao;
	}
}
